Test Reports

This page includes reports generated from an online static code analysis tool. The tool we chose to use is DeepSource. It provides a large array of features and a variety of interesting statistics for the code.

Here is a report generated from our frontend/backend code for one of the later builds of our project. Note that the analysis was done on a duplicated repository so that we would have access; however, the code is entirely identical to the main repository. As such, all references to the private account used to analyze the code (Spazdaa) can be interpreted as the Capstone Dashboard Team.

Summary

OWASP Top 10 Report

As the report indicates, DeepSource found no OWASP Top 10 vulnerabilities in our code. Yay!

CWE/SANS Top 25 Report

As the report indicates, DeepSource found no CWE/SANS Top 25 vulnerabilities in our code. Yay!

Issue Distribution

The report identifies 73 issues with our code. However, DeepSource recommends fixing only 2 of these. Both involve commented-out code blocks, which we actually want to keep for future development reference.

We also went through the rest of the issues presented by DeepSource. For the most part, they are style issues such as lines that are too long. We decided that we do not need to strictly enforce this rule, since there are many instances where the data is simply very long (e.g. sample URLs). The rationale for other reported issues was similar.

Below: a screenshot of the issue distribution dashboard.

[Image: Static Code Analysis Issues]